Forum Discussion

mikhailf's avatar
mikhailf
Steel Contributor
Dec 01, 2024

Anti-malware policy doesn't block files

Hello Microsoft Community,

 

We have recently found that Anti-malware policy doesn't block files that are set to be blocked by the policy.

For example, when we send an *.ics file with a cmd/exe/jse/rdp and other files inside of the ics, the email is not blocked and is delivered to users.

We did several tests with external security vendor by sending real malwares, ransomwares and exploits attached to the ics and all of them passed the filtering system.

 

Is anyone aware of the issue? Doesn't MDO scans nested files?! 

This has happened with a few tenants. Those tenants have Microsoft E5 licenses.

No RepliesBe the first to reply

Resources